Monday, April 7, 2014

China's Cyber Security Strategy with the EU is an opportunity for the U.S.

China has released a policy paper on how it intends to work together with the EU in a number of ways for mutually beneficial interests; including in the area of cyber security:

Strengthen cybersecurity dialogue and cooperation and promote the building of a peaceful, secure, open and cooperative cyberspace. Facilitate practical cooperation between China and the EU in fighting cyber-crimes, emergency response to cybersecurity incidents and cyber capacity building through platforms such as the China-EU Cyber Taskforce and work together for the formulation of a code of conduct in cyberspace within the UN framework.

Assuming that the EU cooperates, this is precisely what I've been advocating for since since early 2013 and as late as last week:

A better strategy would be to find ways to encourage China to develop a body of intellectual property law and create MLATs between U.S. and Chinese law enforcement to help them catch hackers who are attacking Chinese government websites. There's a lot of value to be gained in understanding and identifying independent mercenary hacker groups operating within China's IP space because they don't only target Chinese websites. To put it as simply as possible - our current strategy on Chinese cyber espionage activities has not only had ZERO effect, it has made us look ineffective and hypocritical. It's time for a change.

This is the best path forward for the U.S. government in its China policy. International collaboration has proven itself to be the only effective way to identify and arrest cyber criminals, while attempts to strong-arm the Chinese government over acts of cyber espionage have not only failed miserably but have now made us the target of well-deserved criticism thanks to a seemingly never-ending stream of NSA revelations.